package cn.wolfcode.wolf2w.gateway.filter;

import cn.wolfcode.wolf2w.common.core.domain.R;
import cn.wolfcode.wolf2w.gateway.util.Md5Util;
import com.alibaba.fastjson.JSON;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Component;
import org.springframework.util.MultiValueMap;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

@Component
public class SignFilter implements GlobalFilter {

    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        //获取所有的参数
        MultiValueMap<String, String> queryParams = exchange.getRequest().getQueryParams();
        //签名方法需要的参数
        Map<String, Object> map=new HashMap<>();
        for (String key : queryParams.keySet()) {
            if ("sign".equals(key)){
                continue;
            }
            List<String> list = queryParams.get(key);
            StringBuilder stringBuilder = new StringBuilder();
            for (String s : list) {
                stringBuilder.append(s);
            }
            map.put(key,stringBuilder.toString());
        }
        String sign_server = Md5Util.signatures(map);
        String sign_client = queryParams.getFirst("sign");

        //现在代码中只有测试的info页面使用防篡改机制，此判断是针对其他没有防篡改机制的页面使用，所以这里判断sign_client是否为空
        if (sign_client==null){
            return chain.filter(exchange);
        }

        if (sign_client!=null && sign_client.equals(sign_server)){
            //参数没有被篡改
            //接口访问时效性判断
            String timestamp = queryParams.getFirst("timestamp");
            Long client_time = Long.valueOf(timestamp);
            long server_time = System.currentTimeMillis();
            if (server_time-client_time>30*1000){
                R<Object> r=R.fail(500,"请求时间大于30秒超时了");
                //转JSON
                String jsonString = JSON.toJSONString(r);
                DataBuffer resData = exchange.getResponse().bufferFactory().wrap(jsonString.getBytes(StandardCharsets.UTF_8));
                exchange.getResponse().getHeaders().setContentType(MediaType.APPLICATION_JSON);
                return exchange.getResponse().writeWith(Mono.just(resData));
            }


            return chain.filter(exchange);
        }else{
            //参数被篡改
            R<Object> r=R.fail(500,"敢篡改我的参数，是不是没见过黑社会啊！！！");
            //转JSON
            String jsonString = JSON.toJSONString(r);
            DataBuffer resData = exchange.getResponse().bufferFactory().wrap(jsonString.getBytes(StandardCharsets.UTF_8));
            exchange.getResponse().getHeaders().setContentType(MediaType.APPLICATION_JSON);
            return exchange.getResponse().writeWith(Mono.just(resData));
        }

    }
}
